garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Trying to make code climate happier

Browse Source
This commit is contained in:
g0tmi1k
2018-05-14 18:08:42 +01:00
parent f90a64ce81
commit b5e3e6280e
4 changed files with 26 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
lib/wpscan/web_site/humans_txt.rb
View File

@@ -3,29 +3,11 @@
class WebSite class WebSite
module HumansTxt module HumansTxt
# Gets a humans.txt URL # Gets the humans.txt URL
# @return [ String ] # @return [ String ]
def humans_url def humans_url
@uri.clone.merge('humans.txt').to_s @uri.clone.merge('humans.txt').to_s
end end
# Parse humans.txt
# @return [ Array ] URLs generated from humans.txt
def parse_humans_txt
return_object = []
response = Browser.get(humans_url.to_s)
body = response.body
# Get all non-comments
entries = body.split(/\n/)
# Did we get something?
if entries
# Remove any rubbish
entries = clean_uri(entries)
end
return return_object
end
end end
end end

20
lib/wpscan/web_site/security_txt.rb
View File

@@ -3,29 +3,11 @@
class WebSite class WebSite
module SecurityTxt module SecurityTxt
# Gets a security.txt URL # Gets the security.txt URL
# @return [ String ] # @return [ String ]
def security_url def security_url
@uri.clone.merge('.well-known/security.txt').to_s @uri.clone.merge('.well-known/security.txt').to_s
end end
# Parse security.txt
# @return [ Array ] URLs generated from security.txt
def parse_security_txt
return_object = []
response = Browser.get(security_url.to_s)
body = response.body
# Get all non-comments
entries = body.split(/\n/)
# Did we get something?
if entries
# Remove any rubbish
entries = clean_uri(entries)
end
return return_object
end
end end
end end

19
lib/wpscan/wpscan_helper.rb
View File

@@ -153,6 +153,25 @@ def full_uri(entries)
return return_object return return_object
end end
# Parse humans.txt
# @return [ Array ] URLs generated from humans.txt
def parse_txt(url)
return_object = []
response = Browser.get(url.to_s)
body = response.body
# Get all non-comments
entries = body.split(/\n/)
# Did we get something?
if entries
# Remove any rubbish
entries = clean_uri(entries)
end
return return_object
end
# Hook to check if the target if down during the scan # Hook to check if the target if down during the scan
# And have the number of requests performed to display at the end of the scan # And have the number of requests performed to display at the end of the scan
# The target is considered down after 30 requests with status = 0 # The target is considered down after 30 requests with status = 0

10
wpscan.rb
View File

@@ -248,7 +248,7 @@ def main
end end
if wp_target.has_sitemap? if wp_target.has_sitemap?
code = get_http_status(wp_target.robots_url) code = get_http_status(wp_target.sitemap_url)
puts info("Sitemap found: #{wp_target.sitemap_url} [HTTP #{code}]") puts info("Sitemap found: #{wp_target.sitemap_url} [HTTP #{code}]")
wp_target.parse_sitemap.each do |dir| wp_target.parse_sitemap.each do |dir|
@@ -262,8 +262,8 @@ def main
if code == 200 if code == 200
puts info("humans.txt available under: #{wp_target.humans_url} [HTTP #{code}]") puts info("humans.txt available under: #{wp_target.humans_url} [HTTP #{code}]")
wp_target.parse_humans_txt.each do |dir| wp_target.parse_txt(humans_url).each do |dir|
puts info("Interesting entry from humans.txt: #{dir}") puts info("Entry from humans.txt: #{dir}")
end end
spacer() spacer()
end end
@@ -272,8 +272,8 @@ def main
if code == 200 if code == 200
puts info("security.txt available under: #{wp_target.security_url} [HTTP #{code}]") puts info("security.txt available under: #{wp_target.security_url} [HTTP #{code}]")
wp_target.parse_security_txt.each do |dir| wp_target.parse_txt(security_url).each do |dir|
puts info("Interesting entry from security.txt: #{dir}") puts info("Entry from security.txt: #{dir}")
end end
spacer() spacer()
end end